Financial institutions under the OCC's supervision assess the impact of a data breach, with certain banks restricting the exchange of information.
The Office of the Comptroller of the Currency (OCC) has recently disclosed a significant security breach, with unauthorized access to sensitive emails containing critical financial data about federally regulated financial institutions. This incident was reported in April 2025 and classified as a "major security incident" by the OCC.
Details on the extent of the compromised sensitive information remain limited, but the breach is known to have involved access to email contents and attachments, which suggests that critical financial data may have been exposed.
In response to the breach, the OCC took immediate steps to investigate and contain the situation, following federal guidance on unauthorized access to customer information. The OCC also undertook a thorough investigation in partnership with Microsoft Global Hunting Oversight and Strategic Triage, Mandiant, and CrowdStrike.
According to reports, more than 100 email accounts and approximately 150,000 emails, including those of senior deputy comptrollers and international banking supervisors, were accessed by hackers from May 2023 until February. The OCC notified the public of the security breach on February 26.
The OCC has since made improvements to its IT security and globally reset all credentials associated with its Microsoft tenant to eliminate any further threat.
The exact scope and final impact of the breach have not been fully disclosed to the public as of August 2025. However, the OCC continues to follow federal protocols for containment, investigation, and notification where necessary.
Several major US institutions were affected by cyberattacks in 2025, reflecting the ongoing and evolving nature of cybersecurity challenges. While there is a possibility of a connection to sophisticated threat actors, such as the Russian government, no direct attribution of the OCC incident has been confirmed in available sources.
Some financial institutions, such as Bank of America, JPMorgan Chase, and BNY Mellon, have halted or limited their information sharing with the OCC due to the security breach. Citi, however, does not typically share classified information via email and has not moved to limit its information sharing with the OCC.
The OCC is currently assessing the extent to which highly sensitive information relating to the financial condition of federally regulated financial institutions was compromised in the security breach. The acting Comptroller, Rodney Hood, wrote a draft letter to bank CEOs regarding the security breach on Monday.
As the investigation continues, the OCC will inform each regulated institution if the hackers accessed information specific to their company. The OCC will also provide all institutions with email addresses that were included in the compromised information so they can determine what information was shared with the OCC during the time frame of the breach.
The OCC remains committed to maintaining the security and integrity of the financial system and will continue to work closely with its partners to address this and future security challenges.